[Feature Request] -- CAPTCHA
Closed this issue · 8 comments
It would be a nice addition to have Captcha added to posts to prevent flooding/spam.
Found it via grep, didn't see it in settings.
Actually, now that I got it turned on, it doesn't seem to work. It posts regardless if the Captcha is solved or not.
What value did you set TINYIB_CAPTCHA to in your settings?
recaptcha
Maybe you need an updated version of the Google PHP Recaptcha library (v1.0 is said to not be supported, if that's what it currently was using): https://code.google.com/archive/p/recaptcha/downloads (see the php version)
I found this simple example, just update the keys, and save it to test.php and cd to the directory where it is and fire up php -S localhost:9000 then in a web browser go to http://localhost:9000/test.php and it works.
<!doctype html>
<html>
<head>
<title>Google reCAPTCHA demo</title>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body>
<form method="post" action="test.php">
<div class="g-recaptcha" data-sitekey="CHANGE TO YOUR PUBLIC KEY"></div>
<input type="submit" />
</form>
</body>
</html>
<?php
if($_SERVER["REQUEST_METHOD"] === "POST")
{
//form submitted
//check if other form details are correct
//verify captcha
$recaptcha_secret = "CHANGE TO YOUR PRIVATE KEY";
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$recaptcha_secret."&response=".$_POST['g-recaptcha-response']);
$response = json_decode($response, true);
if($response["success"] === true)
{
echo "Logged In Successfully";
}
else
{
echo "You are a robot";
}
}
?>
I've just enabled recaptcha on a clean install and tried to post anyway, and was properly denied. Are you testing this while still logged into an admin/mod account?
Maybe that was the problem, I'm not really sure at this point in time. I tried a fresh set up without logging in as administrator and reCAPTCHA seems to be working fine now. Thanks